Redirected user authenticated app requests cause user to be logged out and location is not updated #8012

Open
sync-by-unito bot opened this issue Aug 29, 2024 · 2 comments · May be fixed by #8011

sync-by-unito bot commented Aug 29, 2024

If a client app is up and running when the deployment model is changed, any subsequent app requests will receive a 308 redirect response to have the request resubmitted on the correct server. Since the redirect operation is being handled by the SDKs with the change for RCORE-2222, any user authenticated app requests that receive a redirect response will likely be resent to the server without the Authorization header when the request is re-sent to the new URL location, which will lead to the user being logged out since the request will fail.

When the user attempts to log back in again, the old server URL will still be used, which will allow the user to complete the login request, but the subsequent profile request will fail since the authorization header was stripped due to the redirect.

Update the operation of the `App::log_in_with_credentials()` function so it always forces a location update prior to issuing the login request to ensure the client app has the most up-to-date server URL prior to issuing any user authenticated requests.


sync-by-unito bot commented Aug 29, 2024

➤ PM Bot commented:

Jira ticket: RCORE-2253


sync-by-unito bot commented Sep 7, 2024

➤ michael-wb commented:

The fix for this was updated so the location is only requested when an authenticated request fails (prior to refreshing the access token) instead of requesting it for every log_in. The failing request will then be re-sent after the location and access token have been refreshed.
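
Added illustration, not part of the issue thread and not realm-core code: a self-contained simulation of the failure in the report (a 308 to a new host drops the Authorization header, so the request fails and the user is logged out) next to the recovery order described in the last comment. The host names, `fake_server`, `send_request` and `Client` are hypothetical, and the token refresh is a stand-in.

```cpp
#include <map>
#include <string>

// Constructed simulation; every name here is hypothetical, not a realm-core API.
using Headers = std::map<std::string, std::string>;
struct Reply { int status; std::string host; };  // host: 308 target, or the host that answered

const std::string kOldHost = "https://old.example.test";
const std::string kNewHost = "https://new.example.test";

// Fake backend: the deployment moved, so the old host answers everything with 308.
Reply fake_server(const std::string& host, const Headers& h) {
    if (host == kOldHost) return {308, kNewHost};
    auto it = h.find("Authorization");
    bool ok = it != h.end() && it->second == "Bearer valid";
    return {ok ? 200 : 401, host};
}

// Transport that follows redirects and drops credentials when the host changes.
Reply send_request(std::string host, Headers h) {
    for (int hop = 0; hop < 3; ++hop) {
        Reply r = fake_server(host, h);
        if (r.status != 308) return r;
        if (r.host != host) h.erase("Authorization");
        host = r.host;
    }
    return {0, host};  // too many redirects
}

struct Client {
    std::string base_url = kOldHost;  // cached location, stale after the move
    std::string token = "Bearer valid";
    bool logged_in = true;

    // Reported behaviour: the failed authenticated request logs the user out.
    int request_naive() {
        int s = send_request(base_url, {{"Authorization", token}}).status;
        if (s == 401) logged_in = false;
        return s;
    }
    // Order from the last comment: refresh location, then the token, then resend.
    int request_with_recovery() {
        int s = send_request(base_url, {{"Authorization", token}}).status;
        if (s != 401) return s;
        base_url = send_request(base_url, {}).host;  // unauthenticated location lookup
        token = "Bearer valid";                      // stand-in for the token refresh
        s = send_request(base_url, {{"Authorization", token}}).status;
        if (s == 401) logged_in = false;
        return s;
    }
};
```

After the recovery path runs once, `base_url` points at the new host, so later requests no longer pass through the redirect that strips the header.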
